2 Answers

Information flow control is a broad concept, but the crux of it is that one can attempt to increase the security of a process by identifying which parts of memory it should legitimately modify, and then comparing that to which parts of memory it actually attempts to modify. This can be as broad or granular as you like: you could consider Code Access Security as a very broad form of IFC, or even something as simple as file permissions and auditing. More commonly, though, IFC is applied to code at compile/link time and enforced in the generated assembly (or in the language runtime if the program is JIT-based). This can also, more broadly, be applied to cases such as information leakage, where you want to understand how a sensitive piece of information makes its way through the system.

Taint analysis is a mechanism by which some aspects of IFC can be implemented. In order to produce the whitelist of legitimate memory sections that an operation is expected to touch, the compiler assesses the code for what variables are read/written, which functions are called, and what code paths are expected to be followed (e.g. if a method is called with a static value, it can infer that certain branches must always be taken / not taken). This list can be considered to be a list of entities which are tainted by the operation. In a more broad case, taint checking can also be used as part of code analysis techniques where sources (i.e. locations where untrusted input arrives from) can be mapped against drains (i.e. locations where security-relevant operations occur), such that each source has a list of tainted drains, and each drain has a list of sources from which it can potentially be tainted - this is commonly demonstrated by considering a case where a URL value (source) might reach a SQL query (drain), resulting in SQL injection.

Data flow integrity is simply a term used to describe whether or not an application under IFC protection has strayed outside the expected flow. When the program runs, it is instrumented in some fashion in order to ensure that each instruction or set of instructions does not violate data flow integrity, i.e. the values which were expected to be untainted by the operation have remained so.
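As an added illustration of the source-to-drain mapping described in the answer above (this is my own example, not part of that answer), the following static taint analysis walks a Python AST, treats a hypothetical catalogue of calls as sources (untrusted input), sinks (security-relevant operations) and sanitizers, and reports every sink reachable from a source. The catalogue names (`request.args.get`, `cursor.execute`, `os.system`, `int` as a sanitizer) and the sample program being analysed are constructed for the example.

```python
"""Minimal static taint analysis over a Python AST: sources map to sinks,
sanitizers stop propagation. Illustrative example, not a production tool."""
import ast
from dataclasses import dataclass

# Hypothetical source/sink/sanitizer catalogue (an assumption of this example).
SOURCES = {"request.args.get", "request.form.get", "input"}
SINKS = {"cursor.execute", "os.system", "subprocess.call"}
SANITIZERS = {"int", "shlex.quote", "escape"}


@dataclass
class Finding:
    sink: str      # dotted name of the sink call
    line: int      # line of the sink call in the analysed source
    via: tuple     # tainted names / source calls that reach the sink


def dotted_name(node):
    """'a.b.c' for a Name/Attribute chain, else None."""
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute):
        base = dotted_name(node.value)
        return f"{base}.{node.attr}" if base else None
    return None


class TaintAnalyzer(ast.NodeVisitor):
    """Walks statements in source order, tracking which names are tainted.
    Branches are not merged and loops are not iterated to a fixpoint, so taint
    picked up in one branch stays visible to later statements (over-approximate)."""

    def __init__(self):
        self.tainted = set()
        self.findings = []

    def taint_of(self, expr):
        """Tainted names and source calls inside expr. A sanitizer call yields a
        clean value whatever its arguments; a source call is tainted by itself."""
        if isinstance(expr, ast.Call):
            fn = dotted_name(expr.func)
            if fn in SANITIZERS:
                return set()
            if fn in SOURCES:
                return {fn + "()"}
        if isinstance(expr, ast.Name):
            return {expr.id} if expr.id in self.tainted else set()
        hits = set()
        for child in ast.iter_child_nodes(expr):
            hits |= self.taint_of(child)
        return hits

    def visit_Assign(self, node):
        is_tainted = bool(self.taint_of(node.value))
        for target in node.targets:
            if isinstance(target, ast.Name):
                if is_tainted:
                    self.tainted.add(target.id)
                else:
                    self.tainted.discard(target.id)   # clean data kills the taint
        self.generic_visit(node)

    def visit_AugAssign(self, node):
        if isinstance(node.target, ast.Name) and self.taint_of(node.value):
            self.tainted.add(node.target.id)
        self.generic_visit(node)

    def visit_Call(self, node):
        fn = dotted_name(node.func)
        if fn in SINKS:
            hits = set()
            for arg in node.args:
                hits |= self.taint_of(arg)
            if hits:
                self.findings.append(Finding(fn, node.lineno, tuple(sorted(hits))))
        self.generic_visit(node)


def analyze(source):
    """Return the source-to-sink flows found in `source`, in source order."""
    analyzer = TaintAnalyzer()
    analyzer.visit(ast.parse(source))
    return analyzer.findings


# Constructed sample program to analyse (not code from the original page).
SAMPLE = '''
def lookup(request, cursor):
    user_id = request.args.get("id")                      # source
    name = request.args.get("name")                       # source
    safe_id = int(user_id)                                # sanitizer kills the taint
    cursor.execute("SELECT * FROM users WHERE id = %s" % safe_id)   # clean
    cursor.execute(f"SELECT * FROM users WHERE name = '{name}'")    # tainted
    cmd = "ls " + name
    os.system(cmd)                                        # tainted through cmd
    name = "fixed"
    os.system("echo " + name)                             # clean again
'''

if __name__ == "__main__":
    for f in analyze(SAMPLE):
        print(f"line {f.line}: {f.sink} reachable from {', '.join(f.via)}")
```

Running it on `SAMPLE` reports the f-string query on line 7 (reached from `name`) and the `os.system` call on line 9 (reached through `cmd`); the `int()`-sanitized query and the call after `name` is reassigned to a constant are clean. The catalogue is the part a practitioner has to get right: a missing source or sink is a silent false negative, and a sanitizer entry is a trust decision about that function.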

Information Flow Control

The way that I understand it is that Information Flow Control is a superset of measures to protect the control and data flow of programs from malicious interference.

Data Flow Integrity

Ensuring the integrity of your data by making sure that no untrusted data (e.g. user input) can influence crucial parts of your computation.
It is somehow connected to control flow integrity where you want to ensure an attacker cannot divert the control flow, e.g. no buffer overflows, return-oriented programming and the like, but I have no clear distinction for you. Some might argue that Data Flow Integrity also covers data-only attacks where no irregular code is executed but the malicious input just changes the data the program operates on, but I am not completely sure about the exact definition.

Taint Tracking

An information flow control mechanism that assigns labels to data of interest. Labels can be more than a simple boolean, for example data might be labeled by its origin. Any time labeled/tainted data is used in a computation, the taint carries over and as soon as tainted data is about to leak (written to file/logs/network/...). Taint Tracking is a well-studied measure in the field of Information Flow Control. It struggles to give hard guarantees but is often used in practice. Taint Tracking can be implemented as dynamic or static analysis.
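As an added example of the dynamic, label-based taint tracking this answer describes (my own code, not part of the answer): a `str` subclass carries a set of origin labels, string operations propagate the labels to their results, each sink enforces a policy on which labels may reach it, and a `declassify` step is the explicit point where a label is removed. The labels (`user`, `secret`), the sink names and the policy are assumptions made for the example. The last two checks show the limitations the answer alludes to: a value rebuilt purely through branching on a secret (an implicit flow) reaches the network sink unlabelled, and Python f-strings drop the label because they build a fresh plain `str`.

```python
"""Dynamic taint tracking with origin labels on strings. Illustrative only:
a real implementation instruments the interpreter rather than subclassing str."""


class TaintViolation(Exception):
    pass


def labels_of(value):
    """Origin labels of a value; plain (unlabelled) objects carry none."""
    return getattr(value, "labels", frozenset())


def _propagate(name):
    """Wrap str.<name> so a str result inherits the labels of self and of any
    str arguments (including those passed inside a tuple or list)."""
    method = getattr(str, name)

    def wrapper(self, *args, **kwargs):
        result = method(self, *args, **kwargs)
        labels = labels_of(self)
        for a in (*args, *kwargs.values()):
            for item in (a if isinstance(a, (list, tuple)) else (a,)):
                labels |= labels_of(item)
        return Tainted(result, labels) if isinstance(result, str) else result
    return wrapper


class Tainted(str):
    """A str carrying a frozenset of origin labels, e.g. {'user'} or {'secret'}."""

    def __new__(cls, value, labels=()):
        obj = super().__new__(cls, value)
        obj.labels = frozenset(labels)
        return obj

    __add__ = _propagate("__add__")
    __mod__ = _propagate("__mod__")
    format = _propagate("format")
    replace = _propagate("replace")
    strip = _propagate("strip")
    upper = _propagate("upper")
    lower = _propagate("lower")

    def __radd__(self, other):           # "literal" + tainted
        return Tainted(str.__add__(other, self), labels_of(other) | self.labels)

    def __rmod__(self, other):           # "fmt %s" % tainted
        return Tainted(str.__mod__(other, self), labels_of(other) | self.labels)


# Sink policy (assumed for the example): labels that must never reach each sink.
FORBIDDEN = {
    "sql": {"user"},        # raw user input must not be spliced into a query
    "log": {"secret"},      # secrets must not be written to logs
    "network": {"secret"},  # or leave the host
}


def check_sink(sink, value):
    """Enforce the policy at a sink; returns the plain str that would be written."""
    bad = labels_of(value) & FORBIDDEN[sink]
    if bad:
        raise TaintViolation(f"{sorted(bad)} data reached sink {sink!r}: {str(value)!r}")
    return str(value)


def declassify(value, label, transform):
    """Remove one label after applying a transform (escaping, validation).
    This is the trusted step: the policy is only as good as the transform."""
    return Tainted(transform(str(value)), labels_of(value) - {label})


def implicit_copy(secret, alphabet="abcdefghijklmnopqrstuvwxyz0123456789"):
    """Rebuild a value purely through control flow: every character written
    comes from the unlabelled alphabet, so the copy carries no label even
    though it equals the secret. Explicit taint tracking misses such flows."""
    out = ""
    for ch in secret:
        for cand in alphabet:
            if cand == ch:
                out = out + cand
    return out


def demo():
    """Exercise the policy on constructed inputs; returns the outcome per sink."""
    user = Tainted("bob' OR 1=1 --", {"user"})
    secret = Tainted("s3cr3t", {"secret"})

    def attempt(sink, value):
        try:
            return check_sink(sink, value)
        except TaintViolation as e:
            return "blocked: " + str(e)

    out = {}
    query = "SELECT * FROM users WHERE name = '" + user + "'"   # label survives +
    out["raw_sql"] = attempt("sql", query)
    clean = declassify(user, "user", lambda s: s.replace("'", "''"))
    out["escaped_sql"] = attempt("sql", "SELECT * FROM users WHERE name = '" + clean + "'")
    out["log"] = attempt("log", ("login user=" + user + " token=%s" % secret).upper())
    out["network_secret"] = attempt("network", secret)
    out["network_implicit"] = attempt("network", implicit_copy(secret))   # not caught
    out["fstring_labels"] = sorted(labels_of(f"token={secret}"))          # labels lost
    return out


if __name__ == "__main__":
    for sink, result in demo().items():
        print(f"{sink}: {result}")
```

The raw query, the log line containing the token and the direct network send are all blocked; the escaped query passes because `declassify` removed the `user` label. Whether that is safe depends entirely on the escaping function, which is why declassification points deserve review. The implicit copy and the f-string both reach the sink unlabelled, which is the practical reason taint tracking is described as useful but not a hard guarantee.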